US Maritime hit by a Ransomware attack

23

A Ryuk Ransomware attack is said to have made the Christmas 2019 celebration awful for US Coast Guard as the malware reportedly disrupted the federal agencies’ operations for more than 33 hours.

Reports are now in that the file-encrypting malware disrupted operations of industrial control systems, CCTV cameras, door access control systems, and monitoring systems.

In an interview with BBC, the US Coast Guard(USCG) admitted that some of the senior officials issued an official alert to all Maritime bases on the malware attack. However, the targeted location remains undisclosed for reason.

Highly placed sources say that the malware which encrypted the files in the database was RYUK variant and possibly entered the network via a phishing email clicked by one of the navy professionals.

USCG security bulletin did mention that the operational disruption was caused by Ryuk Ransomware at a “Maritime Transportation Security Act” (MTSA) regulated facility and reached the cargo monitoring and transport systems within no time.

As per the security protocol a risk management program was implemented as per the best practices prescribed in the NIST Cybersecurity Framework(CSF) and NIST Special Publication 800-82.

FBI already issued a warning to US Maritime in Sept’19 that a major cyberattack was ‘due’ on the port facilities and could be launched anytime between November -December 2019. Still, the US Coast Guard failed to pick up the dots and so faced disruptions due to a ransomware attack.

And the point which might amuse the readers is that the US Coast Guard issued a security warning in July’19 urging vessel manufactures and port city operators to improve their Cybersecurity defense-line against the prevailing cyber landscape.